Announcement

Collapse
No announcement yet.

I'm an open relay!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • I'm an open relay!

    I use mercury mail on my server and I thought that I had set it up so that it would not relay non-local mail. I just happened to check outlook and I found lots of bounced mails that were originating from me.

    I have verified that I am acting as an open relay, but I can't figure out how to stop it. I have disabled the Mercury server until I can sort it.

    Anyone use it?
    The Welsh support two teams when it comes to rugby. Wales of course, and anyone else playing England

  • #2
    I have edited my mailserver config like this:
    [MercuryS]
    Debug : 1
    Logfile : D:\Website\xampp\MERCURYMAIL\Logs\MERCURYS.LOG
    Timeout : 30
    Relay : 0
    Strict_Relay : 1
    Allow_Illegals : 0
    allow: ******MY IP*******
    SMTP_Authentication : 0
    Compliance_Settings : 0
    Maximum_Failed_Rcpts : 4
    Max_Relay_Attempts : 4
    SSL_Mode : 0
    ST_Blacklisting : 288
    No_VRFY : 0
    but I am still relaying mail. I seem to be sending it as local mail.
    The Welsh support two teams when it comes to rugby. Wales of course, and anyone else playing England

    Comment


    • #3
      Are you sure you don't have any trojans etc on any of your computers?

      Comment


      • #4
        Make the server authenticate SMTP. That'll put a stop to it.
        The Internet - where men are men, women are men, and teenage girls are FBI agents!

        I'm the least you could do
        If only life were as easy as you
        I'm the least you could do, oh yeah
        If only life were as easy as you
        I would still get screwed

        Comment


        • #5
          The title of your thread reminded me of a famous quote from "The Fifth Element":

          Korben Dallas: I am a meat popsicle.

          P.S. You've been Spanked!

          Comment


          • #6
            Paddy,

            Firstly you are using Mercury 4.01b and the latest security patches http://www.pmail.com/newsflash.htm#whfix

            In the mercury SMTP server
            Click
            Do not permit relaying of non-local mail
            Use strict local relaying restrictions

            Turn on general and session logging wherever you can, this will store all incoming and outgoing messages, it may help you track down the problems.

            Add ip address restrictions in your connection control areas, this will help you track down any local problems.

            At work I use two instances of mercury one for all internal comms and another for external traffic, this allows me to monitor what is going on.

            Mercury also sits behind the firewall and is using a local private ip address (192.168.x.x) this is translated using static NAT, I don't use dynanic nat at all on the network.

            You can also try the mercurylists at BAMA.UA.EDU, guys who are much better than me at fixing these issues will be able to help.

            Breezer
            Everything I say is true apart from that which is not

            Comment


            • #7
              Thanks guys.
              I'll try your suggestions tonight and get back to you.
              The Welsh support two teams when it comes to rugby. Wales of course, and anyone else playing England

              Comment


              • #8
                Rats, now how am I going to send my emails...
                pixar
                Dream as if you'll live forever. Live as if you'll die tomorrow. (James Dean)

                Comment


                • #9
                  Right.

                  I did have the relay options checked but i was still spamming the world.
                  I have rebuilt the mail server and everything seems to be ok.

                  I have tested the server and I am not an open relay.

                  The only problem that I have now is that I can not relay mail myself.
                  I can send mail fine from within the network, but if I IMAP into the account from a different IP or if I use the webmail (squirrelmail) function i get a 'we do not relay non-local mail' message.

                  I can allow RFC2554 authentication but I'm not sure how to set it up. any ideas?
                  The Welsh support two teams when it comes to rugby. Wales of course, and anyone else playing England

                  Comment

                  Working...
                  X